← Back

CVE-2008-5357

nvd nist
Published: Dec 5, 2008Modified: Apr 23, 2026

JSON object

Loading...
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD

Description

Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file, which triggers a heap-based buffer overflow.

Affected (128)

Products: Sun: Jre, Jdk, Sdk
Sun
3 products
Jre
Jdk
Sdk
Configuration A
60 vulnerable
Vulnerable SoftwareAffected Versions
Sun
Jre
Version 1.3.1
Jre
Version 1.3.1_03
Jre
Version 1.3.1_04
Jre
Version 1.3.1_05
Jre
Version 1.3.1_06
Jre
Version 1.3.1_07
Jre
Version 1.3.1_08
Jre
Version 1.3.1_09
Jre
Version 1.3.1_10
Jre
Version 1.3.1_11
Jre
Version 1.3.1_12
Jre
Version 1.3.1_13
Jre
Version 1.3.1_14
Jre
Version 1.3.1_15
Jre
Version 1.3.1_16
Jre
Version 1.3.1_17
Jre
Version 1.3.1_18
Jre
Version 1.3.1_19
Jre
Version 1.3.1_20
Jre
Version 1.3.1_21
Jre
Version 1.3.1_22
Jre
Version 1.3.1_23
Jre
Version 1.3.1_2
Jre
Version 1.4.2
Jre
Version 1.4.2_10
Jre
Version 1.4.2_11
Jre
Version 1.4.2_12
Jre
Version 1.4.2_13
Jre
Version 1.4.2_14
Jre
Version 1.4.2_15
Jre
Version 1.4.2_16
Jre
Version 1.4.2_17
Jre
Version 1.4.2_18
Jre
Version 1.4.2_1
Jre
Version 1.4.2_2
Jre
Version 1.4.2_3
Jre
Version 1.4.2_4
Jre
Version 1.4.2_5
Jre
Version 1.4.2_6
Jre
Version 1.4.2_7
Jre
Version 1.4.2_8
Jre
Version 1.4.2_9
Jre
Version 1.5.0
Jre
Version 1.5.0 update10
Jre
Version 1.5.0 update11
Jre
Version 1.5.0 update12
Jre
Version 1.5.0 update13
Jre
Version 1.5.0 update14
Jre
Version 1.5.0 update15
Jre
Version 1.5.0 update16
Jre
Version 1.5.0 update1
Jre
Version 1.5.0 update2
Jre
Version 1.6.0
Jre
Version 1.6.0 update_10
Jre
Version 1.6.0 update_1
Jre
Version 1.6.0 update_2
Jre
Version 1.6.0 update_3
Jre
Version 1.6.0 update_4
Jre
Version 1.6.0 update_5
Jre
Version 1.6.0 update_6
Configuration B
19 vulnerable
Vulnerable SoftwareAffected Versions
Sun
Jdk
Version 1.5.0
Jdk
Version 1.5.0 update10
Jdk
Version 1.5.0 update1
Jdk
Version 1.5.0 update2
Jdk
Version 1.5.0 update3
Jdk
Version 1.5.0 update4
Jdk
Version 1.5.0 update5
Jdk
Version 1.5.0 update6
Jdk
Version 1.5.0 update7
Jdk
Version 1.5.0 update7_b03
Jdk
Version 1.5.0 update8
Jdk
Version 1.5.0 update9
Jdk
Version 1.6.0
Jdk
Version 1.6.0 update_10
Jdk
Version 1.6.0 update_3
Jdk
Version 1.6.0 update_4
Jdk
Version 1.6.0 update_5
Jdk
Version 1.6.0 update_6
Jdk
Version 1.6.0 update_7
Configuration C
49 vulnerable
Vulnerable SoftwareAffected Versions
Sun
Sdk
Version 1.3.1
Sdk
Version 1.3.1_01
Sdk
Version 1.3.1_01a
Sdk
Version 1.3.1_02
Sdk
Version 1.3.1_03
Sdk
Version 1.3.1_04
Sdk
Version 1.3.1_05
Sdk
Version 1.3.1_06
Sdk
Version 1.3.1_07
Sdk
Version 1.3.1_08
Sdk
Version 1.3.1_09
Sdk
Version 1.3.1_10
Sdk
Version 1.3.1_11
Sdk
Version 1.3.1_12
Sdk
Version 1.3.1_13
Sdk
Version 1.3.1_14
Sdk
Version 1.3.1_15
Sdk
Version 1.3.1_16
Sdk
Version 1.3.1_17
Sdk
Version 1.3.1_18
Sdk
Version 1.3.1_19
Sdk
Version 1.3.1_20
Sdk
Version 1.3.1_21
Sdk
Version 1.3.1_22
Sdk
Version 1.3.1_23
Sdk
Version 1.4.2
Sdk
Version 1.4.2_02
Sdk
Version 1.4.2_03
Sdk
Version 1.4.2_04
Sdk
Version 1.4.2_08
Sdk
Version 1.4.2_09
Sdk
Version 1.4.2_10
Sdk
Version 1.4.2_11
Sdk
Version 1.4.2_12
Sdk
Version 1.4.2_13
Sdk
Version 1.4.2_14
Sdk
Version 1.4.2_15
Sdk
Version 1.4.2_16
Sdk
Version 1.4.2_17
Sdk
Version 1.4.2_18
Sdk
Version 1.4.2_1
Sdk
Version 1.4.2_2
Sdk
Version 1.4.2_3
Sdk
Version 1.4.2_4
Sdk
Version 1.4.2_5
Sdk
Version 1.4.2_6
Sdk
Version 1.4.2_7
Sdk
Version 1.4.2_8
Sdk
Version 1.4.2_9

Related CWEs

CWE-189
CWE-189

References (74)

Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Third Party AdvisoryUS Government Resource
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.